security

  1. J

    SOLVED list of updated files includes eggdrop.sym, ircd.sym and other suspicious files

    Hello. I normally receive updates on files not matching md5sums and check if it was the result of an update. But today I received a list of updated files the likes of the following: [2021-11-01 22:39:31 -0400] [/usr/local/cpanel/bin/dcpumon] Loading Symbol Table...
  2. U

    Severe attack case via POST /admin/ HTTP/1.1

    Hello, we have a rather difficult case of attacks to our VPS server (CLOUDLINUX 7.9 kvm [web] v98.0.9) Server Version: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l Apache mod_bwlimited/1.4 mainly in the form: http/1.1 example-domain.com:443 POST /admin/ HTTP/1.1 that target the admin...
  3. Alongar

    Security Advisor in WHM & ImunifyAV

    Hello, If ClamAV is installed instead of ImunifyAV, why does the Security Advisor still show a notice to install ImunifyAV if another anti-virus program is being used that you can install through cPanel->Manage Plugins? Should this notice be dismissed by cPanel if ClamAV is installed?
  4. M

    Backup Encryption Security

    BACKGROUND: Many customers of CPanel have over the course of over 5 years been looking and waiting for Backup Encryption ability on the server controlled backup processes. This can be found on the Feature Request here...
  5. cPanelTabby

    EasyApache 4 October 6 Release

    EasyApache 4 October 6 Release We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional...
  6. J

    SOLVED Can emails be sent outbound other than with smtp?

    Hello. I frequently monitor outbound email that uses a php script (phplist) and exim to send it out. However, if - and it's a big if - an account gets compromised, is there a way for someone to also send out emails say "under the radar" that are not included in domain email logs? Thanks.
  7. cPanelTabby

    cPanel TSR-2021-0005 Announcement

    cPanel TSR-2021-0005 Announcement cPanel has released its Targeted Security Release to address security concerns with the cPanel & WHM product. These updates are currently available to all customers via the standard update system. cPanel has rated this update as having a CVSSv3.1 score of 3.9...
  8. V

    Content-Security-Policy headers for WHM, cPanel, and webmail

    Has any thought been given to enabling better Content-Security-Policy headers on the WHM, cPanel, and webmail interfaces by default? I see threads in the forums about how to setup the Content-Security-Policy headers in the pre_main_global.conf but when you do that, it appears to apply to the...
  9. 7

    Fixed case CPANEL-37048: Remove support for legacy mod security 2 configuration.

    Updated WHM from 96 to 98 yesterday and CSF doesn't seem to be blocking using modsecurity rules. Then I noticed that update. Does Mod_Security still work with WHM 98? How can be get it working?
  10. M

    Any suggestions for online training about web security and hacking prevention

    Hello, I was wondering if you can suggest any good free or not expensive training+certification about this matter. Maybe something in the cPanel University -- Get Certified! ?
  11. cPanelTabby

    cPanel TSR-2021-0004 Full Disclosure

    cPanel TSR-2021-0004 Full Disclosure cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel...
  12. I

    WP-Toolkit: Security keys were not fully applied

    Hi, I've been getting this error when the toolkit tries to run the smart update on one of my sites. Smart Update could not be completed automatically. Please try running the update manually. Details: Failed to clone the installation: 'Security keys were not fully applied.' I'm not sure how to...
  13. 000

    exist some difference (in level of security) if I connect over IPv6 vs IPv4 ?

    hello, I believe the target of IP6 is transfer video and streaming. But... I can connect SERVER_USERS to PHP_LOGIN and then send requests from SERVER_USERS to SERVER_with_ip6, get ANSWER from SERVER_with_ip6 then send this to SERVER_USERS for this context, is the same if I connect over IP6 or...
  14. AndyX

    The security token is missing from your request.

    Please eliminate this erroneous message: In Firefox I have my preference set to delete all cookies when I exit Firefox. So the "The security token is missing from your request" will always show no matter what I do. I don't think the message serves any useful purpose and should be eliminated...
  15. T

    Help improving security

    Hello, I have a security red score on webpagetest.org as you can see here : WebPageTest Test Result - Paris - EC2 - Ch...mprunter-malin.com - 05/28/21 05:27:25. In order to improve security, a developer has asked me to do the follwowing : 1- Enable HSTS in Apache OR : Add the following code...
  16. A

    Origin of a root access

    Few days ago, I saw this in `bash_history` while looking for something else: 539 being MY last action on the server, connected as root by private key, and 554 being ConfigServer installing their stuff and making configurations. From where I'm standing, first the hacker couldn't get his hand...
  17. cPanelTabby

    cPanel TSR-2021-0003 Announcement

    cPanel TSR-2021-0003 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated...
  18. T

    Cookieless domain warning

    Is it possible to disable cookies using WHM and achieve a cookieless domain warning? As I understand it can be created an Amazon bucket and connect cookies warning inside a new domain An example: <?php define("WP_CONTENT_URL", "http://domain.com.s3.amazonaws.com/assets/")...
  19. C

    root password and security policy

    Just tried to log into whm, get the following screen (attached) I cant do anything till I change my root pw - however I dont wish to do this - any way in ssh (I have access via ssh keys) to manual edit this so I can get into whm and not have to change my password ?
  20. R

    Security advisor strange results

    Hello, The cPanel/Whm "security advisor" feature tells me : Important add kernelcare's free symlink protection Information Use kernelcare to automate kernel security updates without reboots I have imunify360 so the last message is strange as kernelcare is included and i did have that symlink...